Anchorless

Comments

  • Take your time. There is no active malware on your system. Just maybe some leftovers which are not causing any harm at the moment. When you have time find a cable connectable mouse and fix the double click problem first. Sorry about the delay. Really busy weekend at work. I do feel better with my computer acting better,…
  • Of course you need a connectable mouse to be able to perform this because you lose contact after uninstalling. I will follow through with your steps as soon as I can! Thank you so very much! Had a bit of trouble finding time to get on here. Work is demanding some days. I really appreciate the help! Talk with you soon, I'll…
  • Okay I did the system restore instructions, looks to be fine. The only thing is that double click! It's pretty frustrating. I just don't know if I feel 100% about the clean yet until we can get the double click situation figured out. Thank you SO MUCH for all of your help! Let me know if you come up with any ideas for…
  • It is indeed good news, let me think about the double click. Meanwhile I want to make sure the malware is cleaned from system information volume: Reboot and check if your computer is running fine. Then empty your restore volume to get rid of recreation of infection by windows recovery. To do that: go to start-control…
  • I did all that you instructed. Still no double click on startup. It seems like whatever is happening, the settings in my control panel under mouse are changing the double click speed to the fastest setting which keeps the double click from working. Seems like the adobe installer doesn't load when I right click on the…
  • Okay the adobe installer is popping up again when I click on icons in desktop. My system came with windows XP but didn't come with an XP CD. Just a drivers CD. I read up on it a bit and there was supposed to be some sort of restore program to reinstall operating system? Not very convenient for us. Thanks a lot for your help…
  • Unfortunately with DELL they did not ship my computer with an XP CD. Just a CD with the drivers etc... I can look into getting a hard copy of the CD. It only asked on two instances for the CD and I had to hit skip. Other than that I did follow the instructions and ran the ****** through combo fix and the log is just below.…
  • I am still thinking of E:\setup.exe if you have an E partition this file should be removed immediately before going through the steps. If E is your CD-ROM go on with the steps. E:\ is my CD/DVD rom drive. Thanks. Just ran the combo fix with the ****** posting results really soon. Thanks again!
  • I scanned all of the ope files in my system32 folder with virustotal.com ope192.exe came up with the following so I deleted ope files in the system 32 folder, there were two ope.tmp files, plus the .exe AhnLab-V3 - - - AntiVir - - - Authentium - - - Avast - - - AVG - - - BitDefender - - - CAT-QuickHeal - - - ClamAV - - -…
  • Hi Anchorless, You are welcome, thank you also for your patience. Please add this one to the list at the step 1: C:\WINDOWS\iplayer.INI (this is a legit one but may be misused) I ended up having to work a long day yesterday. When I got home it was well past my bedtime. My apologies. Going to work again this morning, be…
  • Hi anchorless, I want to make sure the malware does not get installed next time. Step 1. Did you get a chance to get those files scanned? I added a couple of files to them: *C:\WINDOWS\system32\ope18B.exe (there are more ope* files in system32 folder, all suspicious) *C:\WINDOWS\system32\grrpctgn.ini *C:\WINDOWS\QTFont.qfn…
  • 1. Clean everything in Temp folder by following the instruction exactly as it is written (including any hidden files), so by selecting one file and then ctrl+a 2. The files named may be hidden, unhide them by going to start-control panel- folder options- view- check show hidden files and folder. 3. Let also the…
  • I attempted to delete the .tmp files that appeared in my TEMP folder and got an alert stating the file is currently in use and cannot be deleted. My double click is still disabled. Whenever I right click on an icon on desktop adobe acrobat still tries to load. I still think something is remaining because of my double…
  • Step 4. Reboot: Right after reboot empty user temp file by going to start-run- type %temp% - on the right panel select one of the files, then ctrl+a (this one also selects hidden files) then shift+delete to delete (this bypasses the recycle bin). See how it is going, you may download the missing adobe file if everything is…
  • Step 1. Run hijackthis. Click "Do a system scan only", check the following items, close all windows including the one you are reading and click on fix checked. F3 - REG:win.ini: load=C:\WINDOWS\system32\awvvu.exe O2 - BHO: {b937c143-9f8d-821b-31a4-fe83301fcc13} - {31ccf103-38ef-4a13-b128-d8f9341c739b} -…
  • I don't see any log. Please copy and paste it. Sorry about that. Here is the log. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:11:27 PM, on 1/25/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe…
  • Hi Anchorless, Since you have sent the files and now understandably want help to remove the infection I would be ready to help you. I can see the infection is partially revealed by HJT. But still managing to hide itself. If you wanted my assistance try this as for me it is the shortcut: Change the HijackThis.exe to…
  • File already detected as "Trojan.Drastwor.A". Best regards. Thanks a lot. How do I remove it from my computer? Should I fix the hijack this log where it runs kernal.exe and then go back in and delete folder manually? None of my virus protectors find kernal.exe as a virus. I've run vundofix, avg, bitdefender, McAfee,…
  • Kyron, here is the archived kernal file. It's in .rar format. I took it right from my system 32 folder. After deleting the icons on my desktop and running vundofix.exe I had 1,000 .tmp files on my C:\ drive that I was able to delete. Seems like I halted the virus, but since I didn't get rid of it, it respawned and kicked…
  • (sorry for delay) Anchorless, please make an archive with all the content of C:\Program Files\kernel\ and give it to me. Kyron, by archive do you mean a .zip file or .rar file? I noticed this morning I had another unusual .dll file in my system registry and took it out using regedit. The desktop icons that I had posted in…
  • Thanks a lot for the advice! I downloaded the malware tool you linked to and it came up with zero errors. Vundofix still detects awvvu.dll but cannot remove it. I still get a buffer overload in Internet Explorer that McAfee blocks, and I cannot double click with my mouse unless I go into the control panel and reset double…
  • kernal.exe ? 99% malware only by name:P:P. but if you paste the log here would be better. also, did you try BDAspy? (you can get it from http://students.info.uaic.ro/~daniel.chipi...DAspySetup.exe). If the normal scan doesn't work, you may try a DeepScan. keep us informed. I'll post my HiJack Log in as soon as I get to my…